The article “The Move Beyond Building Automation Systems to a More Secure Energy Infrastructure” by Brad Witter, EVP of Technology and Operations at Blue Pillar, Inc., was brought to light compliments of Lynxspring’s Marc Petock, VP Marketing. The implications of this article may cause some discomfort, especially, if you believe your are on or near the top of rung of the BAS technology ladder. Large infrastructures (hospitals, universities, industrial parks, malls, and supermarkets and the like) are shifting their big gears to reduce their security and service disruption vulnerabilities, shifting towards a digital energy network that may leave the customized and inflexible software providers, featuring their “individual-dependent” options — well outside the emerging solutions zone.
Frost and Sullivan’s findings show that developing a better and more energy efficient infrastructure runs parallel with the challenge of getting the most out of your existing aging energy infrastructure. Maximizing the value of both the new and the old is the name of the game. Companies need to balance cost effectiveness and risk, which is why BAS and SCADA applications are on the losing side of the coin, but still considered because they have been around for more than a decade and integrate with legacy assets. However, as cyber threats and their associated risks grow, the heads of engineering, operations and facilities management are weighing in. The cost of a security breach or service disruption is ruling out the use of BAS or SCADA for automating energy infrastructures, which is putting vendors of such systems in a frenzy to find a plausible solution. The ISA Security Compliance Institute (ISCI) is emerging to formalize SCADA security testing, but it will inevitably take time before any protocol standards will be accepted as safe and secure.
“A great majority of SCADA vendors have started to address the risks of cyber threats by developing lines of specialized industrial firewall and VPN solutions for TCP/IP-based SCADA networks,” said Frost & Sullivan research analyst Katarzyna Owczarczyk in a recent statement. Across the spectrum of automation and control systems, statistics show that both BAS and SCADA systems have been found to be more vulnerable to cyber-attacks. This is re-affirmed by a number of high-profile attacks recently.
Most of the protocols communicating with both BAS and SCADA have their origins in serial communications and provide absolutely no security, and contrary to some of the “sales” jargon out there, are simply not foolproof and put end-users in a vulnerable, risky position. Whether the communications are Modbus, TCP/IP or OPC, the unfortunate truth is that these protocols actually increase the potential vulnerabilities within their facilities. Energy asset management systems, unlike BAS systems, have been developed to manage the growing complexity of distributed energy resources (DER).
Click here for complete article.